AAMO: Another Android Malware Obfuscator
Friday, 13 November 2015
AAMO is a set of code-obfuscation scripts tailored for Android applications. The scripts assume that the original application can be disassembled into Smali.
Usage
$ mkdir dir_with_apks_to_obfuscate/ # fill the dir with some APKs
$ vim obfuscators/obfuscators.py
Set the obfuscator_to_apply variable to define the list of obfuscators you want to apply.
For example:
obfuscator_to_apply = [
    'Resigned',
    'Alignment',
    'Rebuild',
    'Fields',
    'Debug',
    'Indirections',
    'Defunct',
    'StringEncrypt',
    'Renaming',
    'Reordering',
    'Goto',
    'ArithmeticBranch',
    'Nop',
    'Asset',
    'Intercept',
    'Raw',
    'Resource',
    'Lib',
    'Restring',
    'Manifest',
    'Reflection',
]
You can choose a subset of obfuscators (recommended).
$ python obfuscators/obfuscators.py
Enjoy your obfuscated APKs.
Obfuscation Operators
Support:
Android specific
- Repackaging
- Reassembly
- Re-alignment
Simple control-flow modifications
- Junk code insertion
- Debug symbols stripping
- Defunct code insertion
- Unconditional jump insertion
Advanced control-flow modifications
- Call indirection
- Code reordering
- Reflection
- Opaque predicate insertion
Renaming
- Non-code files and resource renaming
- Fields and methods renaming
- Package renaming
Encryption
- Resource encryption (asset files)
- Native code encryption
- Data encryption (strings)
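For triage on the analysis side, the following added example (not part of AAMO or of the original post) profiles disassembled Smali for three traces that the simple control-flow operators listed above could leave behind: nop padding, extra goto instructions, and missing .line debug directives. The mapping from operator to trace, the 0.25 threshold, the function names and the sample input are assumptions made for illustration.

```python
from collections import Counter
# Constructed sample, not AAMO output: padded() has nop/goto padding and no .line.
SAMPLE_SMALI = """\
.method public plain()I
    .line 12
    const/4 v0, 0x1
    return v0
.end method
.method public padded()V
    nop
    goto :a
    :a
    return-void
.end method
"""
DATA_BLOCKS = (".annotation", ".array-data", ".packed-switch", ".sparse-switch")

def profile_methods(smali_text):
    """Per method: instruction, nop, goto and .line counts (payload bodies skipped)."""
    profiles, current, in_data = {}, None, False
    for line in map(str.strip, smali_text.splitlines()):
        if line.startswith(".method"):
            current, in_data = profiles.setdefault(line.split()[-1], Counter()), False
        elif line.startswith(".end method"):
            current = None
        elif current is None or not line or line[0] in "#:":
            continue  # outside a method, blank line, comment or label
        elif line.startswith("."):
            current["line"] += line.startswith(".line")
            in_data = line.startswith(DATA_BLOCKS) or (in_data and not line.startswith(".end"))
        elif not in_data:
            current["total"] += 1
            current["nop"] += line == "nop"
            current["goto"] += line.startswith("goto")
    return profiles

def flag_methods(smali_text, max_ratio=0.25):
    """Map each suspicious method to the heuristics it tripped (threshold is an assumption)."""
    flagged = {}
    for name, c in profile_methods(smali_text).items():
        total = max(c["total"], 1)
        reasons = [f"high {op} ratio" for op in ("nop", "goto") if c[op] / total > max_ratio]
        reasons += ["no .line directives"] if c["total"] and not c["line"] else []
        if reasons:
            flagged[name] = reasons
    return flagged

if __name__ == "__main__":
    print(flag_methods(SAMPLE_SMALI))
```

Release builds often strip debug directives on their own, so the missing .line signal is only meaningful alongside the other two.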